The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill is designed to fetch and process content from external URLs and web search results, which introduces an attack surface for indirect prompt injection.
Ingestion points: The search and extract commands in the parallel script ingest data from external websites via the Parallel.ai API.
Boundary markers: The script utilizes Markdown headers (e.g., ## {title}) and horizontal rules (---) to delineate different pieces of fetched content, providing some structure for the agent.
Capability inventory: The skill is restricted to making network requests to the api.parallel.ai domain using the httpx library. It does not perform local file writes, subprocess execution, or dynamic code evaluation.
Sanitization: The tool converts API responses into Markdown formatted text before presenting them to the agent, reducing the likelihood of accidental control character execution, though it does not explicitly filter for embedded instructions within the text.
[COMMAND_EXECUTION]: The script uses httpx for structured API calls. While it includes a raw command for interacting with the API, it is restricted to the api.parallel.ai base URL, preventing arbitrary network access to other domains.
[DATA_EXFILTRATION]: The skill requires a PARALLEL_API_KEY provided via environment variables, which is a secure method of credential management. Search queries and URLs are transmitted to the intended service provider.

parallel